Security researchers discover dangerous malware that's small, fast, can work locally, and doesn't need a master command - here's what you need to know

• Mamona executes quietly, never touches the internet, and erases itself, making it hard to detect
• A three-second delay followed by self-deletion helps Mamona evade detection rules
• Ransomware behavior blends in with normal activity, delaying security team response

Security researchers are tracking Mamona, a newly identified ransomware strain that stands out for its stripped-down design and quiet, local execution.

Experts from Wazuh say this ransomware avoids the usual reliance on command-and-control servers, opting instead for a self-contained approach that slips past tools dependent on network traffic analysis.

It is executed locally on a Windows system as a standalone binary file, and this offline behavior exposes a blind spot in conventional defenses, forcing a rethink of how even the best antivirus and detection systems should function when there is no network.